Summary iPlain-English security verdict for Perl, generated from its current health score, actively-exploited vulnerabilities, and latest supported version.
Perl currently scores 85/100 — good. No tracked vulnerabilities are currently known to be exploited in the wild. The latest supported release is 5.42.2. It's largely safe; apply minor updates as they appear.
Disclosure trend iNew CVEs published for Perl each year (NVD). A higher bar means more disclosures that year — more scrutiny, not necessarily less safe.
Patch priority — what to act on iThe issues to fix first — actively exploited (CISA KEV) first, then by exploitation probability (EPSS), then severity. Each row's "→ fixed in" is the earliest version that patches it; "see advisory" means no fixed version is published.
Most urgent first — actively exploited, then likeliest to be exploited.
CVE-2012-6329 HIGH Code injection EPSS 62% → see advisory CVE-2018-18312 CRITICAL Memory corruption EPSS 12% → fixed in 5.28.1 CVE-2018-18311 CRITICAL Integer overflow EPSS 12% → fixed in 5.28.1 CVE-2018-6913 CRITICAL Out-of-bounds write EPSS 11% → fixed in 5.26.2 CVE-2018-18313 CRITICAL Out-of-bounds read EPSS 9% → fixed in 5.26.3 CVE-2018-6797 CRITICAL Out-of-bounds write EPSS 8% → see advisory CVE-2017-12814 CRITICAL Memory corruption EPSS 7% → see advisory CVE-2018-18314 CRITICAL Memory corruption EPSS 6% → fixed in 5.26.3 CVE-2017-12883 CRITICAL Memory corruption EPSS 6% → see advisory CVE-2015-8608 CRITICAL Out-of-bounds read EPSS 5% → see advisory CVE-2022-48522 CRITICAL Out-of-bounds write EPSS 2% → see advisory CVE-2026-4176 CRITICAL EPSS 1% → fixed in 5.43.9Get alerted about Perl
Be emailed the moment Perl gets a newly exploited vulnerability (CISA KEV) or a release reaches end of life. Free · double opt-in · unsubscribe anytime.
We email only on real events for Perl — no marketing, no sharing, and we never know what you run. Track your whole stack →
Versions & lifecycle iWhen each release line stops receiving security patches (end-of-life). After EOL there are no more fixes — plan upgrades before these dates.
How long each Perl release line is supported — and when it sunsets. Select a line for its full report.
Full Perl end-of-life dates & support timeline →
5.42 latest 5.42.2 Supported until 2028-07-035.42.2 → 5.40 latest 5.40.4 Supported until 2027-06-095.40.4 → 5.38 latest 5.38.5 Supported until 2026-07-025.38.5 → 5.36 latest 5.36.3 End of life ended 2025-05-275.36.3 → 5.34 latest 5.34.3 End of life ended 2024-05-205.34.3 → 5.32 latest 5.32.1 End of life ended 2023-06-205.32.1 → 5.30 latest 5.30.3 End of life ended 2022-05-225.30.3 → 5.28 latest 5.28.3 End of life ended 2021-06-235.28.3 → 5.26 latest 5.26.3 End of life ended 2020-05-305.26.3 → See all upcoming end-of-life dates →Frequently asked
Is Perl safe and patched?
Perl currently scores 85/100 — good. No tracked vulnerabilities are currently known to be exploited in the wild. The latest supported release is 5.42.2. It's largely safe; apply minor updates as they appear.
What should I do about Perl now?
Upgrade Perl to the latest supported release (5.42.2) or later and apply available security updates, then confirm against Perl's official advisory.
When does Perl reach end-of-life?
The latest supported Perl release is 5.42.2. After end-of-life a release no longer receives security patches.
Which versions of Perl are still receiving security updates?
Supported Perl release lines (latest 5.42.2): 5.42, 5.40, 5.38. End-of-life releases no longer receive security patches.
Informational only, from public data (NVD · CISA KEV · EPSS · endoflife.date), and can lag or miss vendor-specific fixes. Always confirm against Perl's official advisory before you patch or upgrade — Perl official site ↗